As well as being shorter, this prevents connecting using a different
address family (e.g., IPv6 rather than IPv4) compared to doing this:
http.get(host.targetname, port.number)
Patch by John Bond.
http://seclists.org/nmap-dev/2012/q2/637
ssl-enum-ciphers was producing output against non-ssl services, listing
"least strength: strong" when there was no cipher matched. Fixed to
return nil in this case, and to clearly indicate when a protocol is
supported but does not support any of our ciphers (a very unlikely
situation! Had to artificially reduce attempted ciphers to test.)
Was crashing on unparseable dates (example: "2147483647Z"). Now the
exact string is placed in structured output when it cannot be
normalized. Also, the structured-format timestamp is used for Normal
output for consistency; no timezone offset was previously displayed.
The script was checking the returned data, but not the status. When
status is false, data is actually an error message. So in case of a
timeout, the script was receiving nil, "TIMEOUT" and interpreting
"TIMEOUT" as a response from the server. It looked like this:
Discovered open port 1434/udp on 127.0.0.1
NSE: rpc-grind: RPC checking function response data is not RPC.
NSE: Target port 1434 is not a RPC port.
This was reported by Christopher Clements.
http://seclists.org/nmap-dev/2012/q3/685
smb.get_os already returns something that is fairly well structured, so
basically return that. Keep the "os" and "lanmanager" fields separate,
though they are combined as "os (lanmanager)" for normal output. Combine
"time" and "timezone" into a single "date" output.
The new version improves the detection mechanism to cover PHP environments with .htaccess files and adds spidering to locate password protected resources automatically.
rpc-grind script puts version information in a different place. Also
switched from using file-local variables to host-registry entries for
nfs and mount ports and versions. I'm pretty sure the old way would have
failed on scans with more than one NFS version on separate machines.
NSE: rpc-grind Connect(): RPC library does not support: nil protocol
NSE: rpc-grind Connect(): RPC library does not support: rpcbind version
81578896
These errors caused by ChkProgram and ChkVersion called from
rpc.Comm.Connect. Added a dummy program in rpc-grind and a check for
self.checkprogver in ChkVersion, and everything works great.
Also fixed portrule to only fail if the non-rpcbind service name was not
the result of table lookup. Was failing on port 2049 (in nmap-services
as "nfs") without -sV.
"algorithm" seems to be a mapping computed by our ssh2 library:
ssh-rsa → RSA
ssh-dss → DSA
"type" is just the string "ssh-rsa" or "ssh-dss". "Type" seems to be the
terminology used in the ssh-keygen man page.
